Deal with inheritance from parent directory when setting Windows

author Jeremy Allison <jra@samba.org>

Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)

committer Jeremy Allison <jra@samba.org>

Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)
author Jeremy Allison <jra@samba.org>
Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)
committer Jeremy Allison <jra@samba.org>
Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)
diff --git a/source3/include/proto.h b/source3/include/proto.h

index efa29be16de5cc7732201e57532c755f47b0b808..535adf7e2f298e4dbd4be4ad29618903b62b7bb5 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -9930,6 +9930,9 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info,
  NTSTATUS posix_get_nt_acl(struct connection_struct *conn, const char *name,
                           uint32_t security_info, SEC_DESC **ppdesc);
  int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid);
+NTSTATUS append_parent_acl(files_struct *fsp,
+                               const SEC_DESC *pcsd,
+                               SEC_DESC **pp_new_sd);
  NTSTATUS set_nt_acl(files_struct *fsp, uint32 security_info_sent, const SEC_DESC *psd);
  int get_acl_group_bits( connection_struct *conn, const char *fname, mode_t *mode );
  int chmod_acl(connection_struct *conn, const char *name, mode_t mode);
diff --git a/source3/modules/vfs_acl_xattr.c b/source3/modules/vfs_acl_xattr.c

index 4a8f6fec01a7be40fca2a3f6e83de3f26c04ca94..b641195fd79f4fe320c6c19c5e0352af983a7417 100644 (file)
--- a/source3/modules/vfs_acl_xattr.c
+++ b/source3/modules/vfs_acl_xattr.c
@@ -317,6 +317,22 @@ static NTSTATUS fset_nt_acl_xattr(vfs_handle_struct *handle, files_struct *fsp,
                 return status;
         }
  
+       if ((security_info_sent & DACL_SECURITY_INFORMATION) &&
+                       psd->dacl != NULL &&
+                       (psd->type & (SE_DESC_DACL_AUTO_INHERITED|
+                               SE_DESC_DACL_AUTO_INHERIT_REQ))==
+                               (SE_DESC_DACL_AUTO_INHERITED|
+                               SE_DESC_DACL_AUTO_INHERIT_REQ) ) {
+               SEC_DESC *new_psd = NULL;
+               status = append_parent_acl(fsp, psd, &new_psd);
+               if (!NT_STATUS_IS_OK(status)) {
+                       /* Lower level acl set succeeded,
+                        * so still return OK. */
+                       return NT_STATUS_OK;
+               }
+               psd = new_psd;
+       }
+
         create_acl_blob(psd, &blob);
         store_acl_blob(fsp, &blob);
  
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c

index 48ea993e28fcb7b5a4465485b6684b4f08bc319a..da17e53b2ca5268ee43f22b017454a963e320a82 100644 (file)
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3227,7 +3227,7 @@ int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_t gid)
   Take care of parent ACL inheritance.
  ****************************************************************************/
  
-static NTSTATUS append_parent_acl(files_struct *fsp,
+NTSTATUS append_parent_acl(files_struct *fsp,
                                 const SEC_DESC *pcsd,
                                 SEC_DESC **pp_new_sd)
  {
author	Jeremy Allison <jra@samba.org>
	Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)
committer	Jeremy Allison <jra@samba.org>
	Wed, 8 Oct 2008 22:18:25 +0000 (15:18 -0700)
source3/include/proto.h		patch \| blob \| history
source3/modules/vfs_acl_xattr.c		patch \| blob \| history
source3/smbd/posix_acls.c		patch \| blob \| history